ISO/IEC TR 24772-1:2019

Abstract

This document specifies software programming language vulnerabilities to be avoided in the development of systems where assured behaviour is required for security, safety, mission-critical and business-critical software. Language-specific descriptions of these vulnerabilities are provided in other parts of the ISO/IEC 24772 series.

It is applicable to the software developed, reviewed, or maintained for any application.

This document does not address software engineering and management issues such as how to design and implement programs, use configuration management tools, use managerial processes, and perform process improvement. Furthermore, the specification of properties and applications to be assured are not treated.

Vulnerabilities are described in a generic manner that is applicable to a broad range of programming languages.

General information

Status
: Published

Publication date
: 2019-12
Edition
: 1

Number of pages
: 166
Technical Committee
: ISO/IEC JTC 1/SC 22 Programming languages, their environments and system software interfaces
ICS
:
35.060 Languages used in information technology

Buy this standard

	Format	Language
std 1 208	PDF + ePub
std 2 208	Paper

CHF208

Life cycle

Previously

Withdrawn

ISO/IEC TR 24772:2013
Now

Published

ISO/IEC TR 24772-1:2019

A standard is reviewed every 5 years
Stage: 90.92 (To be revised)
Will be replaced by

Under development

ISO/IEC DIS 24772-1

Got a question?

Check out our FAQs

Customer care

+41 22 749 08 88

customerservice@iso.org

Opening hours:
Monday to Friday - 09:00-12:00, 14:00-17:00 (UTC+1)

Abstract

General information

Buy this standard

Life cycle

Previously

ISO/IEC TR 24772:2013

Now

ISO/IEC TR 24772-1:2019

Will be replaced by

ISO/IEC DIS 24772-1

Got a question?